adding ident support for getting CVE names and urls #12

Merged
isimluk merged 3 commits into OpenSCAP:master from ianwatsonrh:master, Apr 16, 2018

ianwatsonrh commented Mar 28, 2018

This PR gives you the ability to query idents from the arf report. In the arf report it is actually the idents that contain the CVE references, not the "references" element, as shown below.

<Rule selected="true" id="xccdf_com.redhat.rhsa_rule_oval-com.redhat.rhsa-def-20140675" severity="high">
    <title>RHSA-2014:0675: java-1.7.0-openjdk security update (Critical)</title>
    <ident system="https://rhn.redhat.com/errata">RHSA-2014-0675</ident>
    <ident system="http://cve.mitre.org">CVE-2014-0429</ident>
    <ident system="http://cve.mitre.org">CVE-2014-0446</ident>
    ...


def idents
idenss = []
idenss_it = OpenSCAP.xccdf_rule_get_idents(@raw)

Member

I noticed trailing whitespace here.

It's a nitpick, but I would feel better if we could get these fixed.

end

def idents
idenss = []

Member

Did you perhaps mean to say indents? Not sure whether this is a typo or legit.

Member

Sure, I can fix this one for you.

isimluk commented Mar 29, 2018

Thank You!

Looks good, didn't test yet.

Could you please write a test or two?

OpenSCAP.xccdf_ident_get_id(@raw)
end


Member

extra whitespaces

end



Member

ditto.


def idents
idenss = []
idenss_it = OpenSCAP.xccdf_rule_get_idents(@raw)
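
Review bot: in idents, the locals idenss and idenss_it read like a misspelling of the method's own name; names such as idents and idents_it would match xccdf_rule_get_idents and avoid the typo question raised earlier in this review. The lines shown end at the call that obtains the iterator, so the loop and cleanup are not visible here: confirm the iterator is released with the matching xccdf_ident_iterator_free once it has been drained, since iterators returned by the OpenSCAP C API are owned by the caller.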

Member

I think OpenSCAP.xccdf_rule_get_idents will backtrace really hard here if you pass in an xccdf:Group element (the crash may occur only on some platforms, but still the risk exists).

You need to put this into the rule.rb.

ianwatsonrh (Contributor Author):

Good point on the item vs rule. Have moved that across and cleared up the white space.

Will look at writing some tests.

"ident" is intentional as that's the name referred to in the arf schema.

<Rule selected="true" id="xccdf_com.redhat.rhsa_rule_oval-com.redhat.rhsa-def-20140675" severity="high">
    <title>RHSA-2014:0675: java-1.7.0-openjdk security update (Critical)</title>
    <ident system="https://rhn.redhat.com/errata">RHSA-2014-0675</ident>
    <ident system="http://cve.mitre.org">CVE-2014-0429</ident>

ianwatsonrh (Contributor Author):

@isimluk please review

Added test for ident from an arf file (the way Cloudforms will consume this data)
Linting corrected
Small error on refactoring to rule.rb - missed an import

isimluk commented Apr 16, 2018

I thought we won't need an ARF of size 275,156 Bytes just to test idents. I think we could have a 1kB ARF file to test that, but I imagine working with all these file formats must be difficult for a newcomer.

Anyway, thanks a lot for the contribution! And sorry it took me so long to get this reviewed.
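
The point made in the PR description, that a Rule's CVE names live in its ident children (keyed by the system attribute) and not in reference elements, shown as an added example that is not part of this PR or of ruby-openscap. It uses Ruby's REXML instead of the OpenSCAP bindings; the function names rule_idents and cve_ids, the Benchmark/Group wrapper and the reference element are assumptions constructed for illustration.

```ruby
require 'rexml/document'

XCCDF_NS   = 'http://checklists.nist.gov/xccdf/1.2'
CVE_SYSTEM = 'http://cve.mitre.org'

# Constructed sample: the Rule quoted in the PR description, wrapped in an
# assumed Benchmark/Group and given a constructed <reference> for contrast.
SAMPLE = <<~XML
  <Benchmark xmlns="#{XCCDF_NS}" id="xccdf_example_benchmark_sample">
    <Group id="xccdf_example_group_sample">
      <title>Constructed group</title>
      <Rule selected="true" id="xccdf_com.redhat.rhsa_rule_oval-com.redhat.rhsa-def-20140675" severity="high">
        <title>RHSA-2014:0675: java-1.7.0-openjdk security update (Critical)</title>
        <reference href="https://example.invalid/constructed">constructed reference</reference>
        <ident system="https://rhn.redhat.com/errata">RHSA-2014-0675</ident>
        <ident system="http://cve.mitre.org">CVE-2014-0429</ident>
        <ident system="http://cve.mitre.org">CVE-2014-0446</ident>
      </Rule>
    </Group>
  </Benchmark>
XML

# Maps each Rule id to its idents as { system:, id: } hashes.
# Only Rule elements are queried; a Group is never asked for idents.
def rule_idents(xml)
  doc = REXML::Document.new(xml)
  ns = { 'x' => XCCDF_NS }
  REXML::XPath.match(doc, '//x:Rule', ns).to_h do |rule|
    idents = REXML::XPath.match(rule, 'x:ident', ns).map do |ident|
      { system: ident.attributes['system'], id: ident.text.to_s.strip }
    end
    [rule.attributes['id'], idents]
  end
end

# Keeps only CVE names, selected by the ident's system attribute rather
# than by the text, so the RHSA ident and the <reference> are left out.
def cve_ids(xml)
  rule_idents(xml).transform_values do |idents|
    idents.select { |i| i[:system] == CVE_SYSTEM }.map { |i| i[:id] }
  end
end

puts cve_ids(SAMPLE).inspect if __FILE__ == $PROGRAM_NAME
```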
